Conclusion
Special Report on the Lawful Access to Communications by Security and Intelligence Organizations
198. Lawful access represents one of the most intrusive powers of the state in the protection of national security. Accordingly, Canadians expect strong safeguards for its use, including that it be prescribed by law, serve a legitimate purpose, and be necessary and proportionate. Canadians rightfully want to understand any proposals for new tools and authorities to security and intelligence organizations that have implications for their privacy. However, Canadians also expect security and intelligence organizations to have the tools, policies, and lawful authorities in place to conduct lawful access techniques. The Committee thinks Canadians would be surprised to learn how difficult it actually is for security and intelligence agencies to do so.
199. In reflecting upon the information that came to light over the course of its review, the Committee is concerned by the lawful access challenges described by the security and intelligence community and by the long-standing inability of successive governments to address them. The RCMP and CSIS may not be going completely dark, but it is not because new technologies and an abundance of metadata counterbalance the loss of access to communications content. Rather, they appear to be mitigating the challenges associated with encryption technologies, an outdated legal framework, and jurisdictional limits by managing — for now — increasing operational complexity and risk. The Committee is concerned, however, with how much of this successful mitigation presently relies upon the ingenuity of CSIS and the RCMP rather than the right configuration of tools, lawful authorities, and resources.
200. The Committee is equally concerned that, if left unaddressed, these challenges will undermine Canada’s national security in the long term by increasingly hampering the ability of CSIS and the RCMP to fulfil their respective mandates. The failure to respond to these challenges may also impede Canada’s continued ability to benefit from Five Eyes efforts to detect and respond to security threats if it cannot meaningfully contribute to this partnership.
201. In the Committee’s view, the primary way the government could facilitate and enable national security investigations while at the same time protecting Canadians’ right to privacy would be to modernize lawful access legislation, based on clearly articulated principles that reaffirm the requirement for a legitimate need for exceptional, targeted and judicially authorized access, emphasize privacy and cybersecurity protections, and define transparency and oversight mechanisms. In light of the complexity of the lawful access challenge, the Committee suggests that the government implement an incremental approach to allow for meaningful engagement with stakeholders and a diversity of input.
202. It is critical, however, that the government approach these issues proactively. There are examples internationally of like minded democracies having hurriedly passed controversial lawful access legislation in response to serious national security events. Parliamentarians should have the opportunity to debate new legislation about lawful access with clear eyes and careful consideration, not in a rushed, emotional debate in reaction to a national tragedy. The longer these issues are kept on the backburner, the more the government opens itself up to the risk of following a similar path.
203. These challenges are not new. Successive governments have been aware of them for some time. It is time for the government to act and provide the security and intelligence community with the tools, policies, and lawful authorities they require to do the work asked of them in the manner expected by Canadians which is responsive to and protective of their privacy.